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DETAILED ACTION 

1. The text of those sections of Title 35 U.S. Code not included in this section can be found 
in the prior office action. 

2. The prior office actions are incorporated herein by reference. In particular, the 
observations with respect to claim language, and response to previously presented arguments. 

3. Claim 23 has been cancelled. 

4. Claims 1, 5-8, 12, 15-18, 20 and 26 have been amended. 

5. Claims 1-22, 24-30, nov^ re-numbered as claims 1-29 are pending. 

EXAMINER'S AMENDMENT 

6. An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview with Crystal D. 
Sayles on 4/26/2006. 

Amendments to the Claims 

Claim 23 has been cancelled. 

Claims 1, 5-8, 12, 15-18, 20 and 26 have been replaced with: 

1 . (Currently Amended) A method comprising: 

receiving a resource request from a first requestor, the resource request including 
credentials and identifying information regarding an operation to be performed with respect to a 
resource; 

mapping the resource request to a resource identifier; 

translating the resource request to. a resource inquiry request, the resource inquiry request 
including a resource authorization parameter representing the a permission level necessary for a 
client to perform the operation , the permission level from the group consisting of owner level 
editor level reviewer level and none level : 
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searching a resource data structure for a resource node based on the resource identifier; 

and 

determining whether the first requestor is authorized to perform the operation with 
respect to the resource based on whether the credentials in the resource request match the 
resource authorization parameter associated with the resource node. 

5. (Currently Amended) The method of claim 1 wherein mapping includes mapping the resource 
request to the resource identifier and the resource authorization paramete r, wherein the resource 
authorization parameter of the including an owner level authorizes authorizing complete access 
to the resource. 

6. (Currently Amended) The method of claim 1 wherein mapping includes mapping the resource 
request to the resource identifier and the resource authorization paramete r, wherein the resource 
authorization parameter of the including an editor level authorizes authorizing read/write access 
to the resource. 

7. (Previously Presented) The method of claim 1 wherein mapping includes mapping the 
resource request to the resource identifier and the resource authorization paramete r, wherein the 
resource authorization parameter of the including a reviewer level authorizes authorizing read 
only access to the resource. 

8. (Previously Presented) The method of claim 1 wherein mapping includes mapping the 
resource request to the resource identifier and the resource authorization paramete r, wherein the 
resource authorization parameter of the including a none level denies d e nying all access to the 
resource. 

12. (Currently Amended) An apparatus comprising: 

a memory for storing a resource data structure having resource nodes each of which 
represents a respective resource and which has a respective resource identifier^ and a resource 
authorization credential, and a resource authorization level fi-om the group consisting of owner 
level editor level reviewer level and none level param e ter : and 

a processor configured to : 

receive a resource request firom a first requestor, the resource request including 

credentials and identifying information representing an operation to be performed with 

respect to a resource; 

map the resource request to a resource identifier; 

search the resource data structure for a resource node based on the resource 
identifier; and 

determine whether the first requestor is authorized to perform the operation with 
respect to the resource based on whether the credentials in the resource request match the 
resource authorization credential and the resource authorization level param e ter 
associated with the resource node. 
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15. (Currently Amended) The apparatus of claim 12 wherein the resource authorization level 
includ e s an of the owner level authorizes authorizing complete access to the resource. 

16. (Currently Amended) The apparatus of claim 12 wherein the resource authorization level 
includes an of the editor level authorizes authorizing read/write access to the resource. ' 

17. (Currently Amended) The apparatus of claim 12 wherein the resource authorization level 
includ e s a of the reviewer level authorizes authorizing read only access to the resource. 

18. (Currently Amended) The apparatus of claim 12 wherein the resource authorization level 
includ e s a of the none level denies d e nying all access to the resource. 

20. (Currently Amended) A system comprising: 

a first computer associated with a first requestor configured to generate resource requests 
with credentials; 

a second computer including memory storing a resource data structure with resource 
nodes each of which represents a respective, resource and which has a respective resource 
identifier, a resource authorization parameter, and a resource authorization level, and the second 
computer configured to: 

receive a resource request from a first requestor, the resource request including 
credentials and identifying information representing an operation to be performed with ' 
respect to a resource; 

map the resource request to a resource identifier; 

translate the resource request to a resource inquiry request to include the resource 
authorization parameter, the resource authorization parameter representing a permission 
level necessary for a client to perform the operation , the permission level from the group 
consisting of owner level, editor level reviewer level and none level : 

search the resource data structure for a resource node based on the resource 
identifier; and 

determine whether the first requestor is authorized to perform the operation with 
respect to the resource based on whether the credentials in the resource request match the 
resource authorization parameter associated with the resource node; and 

a network over which the first and second computers communicate. 

26. (Currently Amended) An article comprising a computer readable medium that stores 
computer executable instructions for causing a computer system to: 

map a resource request to a resource identifier, in response to receiving the resource 
request from a first requestor, the resource request including credentials and identifying 
information representing an operation to be performed with respect to a resource; 

translate the resource request to a resource inquiry request, the resource inquiry request 
including a resource authorization parameter representing the permission level necessary for a 
client to perform the operation , the permission level from the group consisting of owner level 
editor level reviewer level and none level : 

search a resource data structure for a resource node based on the resource identifier; and 
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determine whether the first requestor is authorized to perform the operation with respect 
to the resource based on whether the credentials in the resource request match the resource 
authorization parameter associated with the resource node. 

Response to Arguments 

7. Applicant's arguments filed 02/02/2006 in view of the Examiner's Amendment have 
been fully considered and they are persuasive. 

Conclusion 

8. Prior arts made of record, not reHed upon: 

US 5,689,708 to Regnier et al. is directed to resource manager in a client/server computer 
network. 

US 6,233,576 to Lewis is directed to a scheme for implanting flexible control of subject 
authorizations to perform operations in relation to computer resources. 

US 6,226,752 to Gupta et al. is directed to method and apparatus for authenticating users. 

US 6,353,886 to Howard et al. discusses method and system for secure network policy 
implementation. 

♦ 

US 2002/01844886 to Kershenbaum et al. is directed to automated program resource 
identification and association. 

US 2003/0018786 to Lortz is directed to resource poHcy management. 

GB 2 357 225 A discusses digital certificates having content specifying an attribute 
delegation. 

IBN Technical Disclosure, Checking Authority of Dataset, vol. 34, Iss. 1, June 1, 1991, 
pgs 74-77. 
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Any inquiry concerning this communication or earlier conmiunications from the 
examiner should be directed to Taghi T. Arani whose telephone number is (571) 272-3787. The 
examiner can normally be reached on 8:00-5:30 Mon-Fri. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217/9197 (toll-free). 




Taghi T. Arani, Ph.D. 
Primary Examiner 
ArtUnit2131 
4/26/2006 



